Month: March 2023

HACKS OF THE DAY 23/03/2023

Post author By Stefano Favarato
Post date 23/03/2023

Hacks Of The Day news'cover

news

HACKS OF THE DAY 23/03/2023

Today’s HOTD includes 8 ransomware victims of the notorious Cl0p, BlackBasta, Everest, BlackCat/ALPHV and Royal gangs.

The average Cyber Risk Factor of the day is 3.1.

Read below the full list.

Disclaimer:

Data are collected from public info published on Dark Web.
The Cyber Risk factor is calculated on cyber attacks’ impact based on available data.
It shows the severity of an event: 1 = low, 5 = critical

US DISTRICT COURT

Victim website:	uscourts.gov
Victim country:	USA
Attacker name:	Everest
Attacker class:	Cybercrime
Attack technique:	Ransomware
Ransom demand:	$ 15,000
Exfiltrated data amount:	N/A
Exfiltrated data type:	Access to the network US District Court. Employee access, full control. Network access of a lawyer with tons various confidential documents is included in this sale. Internal correspondence, tax, banks, ssn, dl, court cases.
Leaked data:	Screenshot of proof of access
Ransom deadline:	N/A
Cyber Risk Factor:	5

BLUEBIRD NETWORK

Victim website:	bluebirdnetwork.com
Victim country:	USA
Attacker name:	BlackCat/ALPHV
Attacker class:	Cybercrime
Attack technique:	Ransomware
Ransom demand:	N/A
Exfiltrated data amount:	350 GB
Exfiltrated data type:	Internal company data, clients documentation (including credit cards information) complete network map including credentials for local and remote services
Leaked data:	sample with screenshots of miscellaneous, maps, projects, financial documents
Ransom deadline:	N/A
Cyber Risk Factor:	5

GRACEWORKS LUTHERAN SERVICES

Victim website:	graceworks.org
Victim country:	USA
Attacker name:	Royal
Attacker class:	Cybercrime
Attack technique:	Ransomware
Ransom demand:	N/A
Exfiltrated data amount:	45 GB
Exfiltrated data type:	All email addresses of the top management, full financial audits from 1995 to the present, 45GB or 486,880 Files of personal patients information (clinical) and even documents related to President Biden – very entertaining. Beside this, we have finance, employee documents, accounting, HR and much more others.
Leaked data:	/
Ransom deadline:	N/A
Cyber Risk Factor:	4

ROCK INSURANCE BROKERS

Victim website:	rockinsurancebrokers.com
Victim country:	Canada
Attacker name:	BlackBasta
Attacker class:	Cybercrime
Attack technique:	Ransomware
Ransom demand:	N/A
Exfiltrated data amount:	N/A
Exfiltrated data type:	N/A
Leaked data:	100% of the exfiltrated data
Ransom deadline:	N/A
Cyber Risk Factor:	3

LESLIE’S

Victim website:	lesliespool.com
Victim country:	USA
Attacker name:	Cl0p
Attacker class:	Cybercrime
Attack technique:	Ransomware
Ransom demand:	N/A
Exfiltrated data amount:	N/A
Exfiltrated data type:	N/A
Leaked data:	/
Ransom deadline:	N/A
Cyber Risk Factor:	2

LASOTEL

Victim website:	lasotel.fr
Victim country:	France
Attacker name:	Cl0p
Attacker class:	Cybercrime
Attack technique:	Ransomware
Ransom demand:	N/A
Exfiltrated data amount:	N/A
Exfiltrated data type:	N/A
Leaked data:	/
Ransom deadline:	N/A
Cyber Risk Factor:	2

P&G

Victim website:	pg.com
Victim country:	USA
Attacker name:	Cl0p
Attacker class:	Cybercrime
Attack technique:	Ransomware
Ransom demand:	N/A
Exfiltrated data amount:	N/A
Exfiltrated data type:	N/A
Leaked data:	/
Ransom deadline:	N/A
Cyber Risk Factor:	2

CROSSVILLE

Victim website:	crossvilleinc.com
Victim country:	USA
Attacker name:	Cl0p
Attacker class:	Cybercrime
Attack technique:	Ransomware
Ransom demand:	N/A
Exfiltrated data amount:	N/A
Exfiltrated data type:	N/A
Leaked data:	/
Ransom deadline:	N/A
Cyber Risk Factor:	2

Stay safe!

Hackmanac Team

Latest news

HACKS OF TODAY 02/05/2024

Today's HOT includes 22 victims by the notorious BianLian, Ra World, RansomHub, INC Ransom, Ransomware Blog, Rhysida, Akira and Underground Team gangs. The average Cyber...

HACKS OF TODAY 30/04/2024 – 01/05/2024

Today's HOT includes 29 victims by the notorious LockBit 3.0, BlackBasta, Embargo, Medusa, Akira, Play, Snatch, Everest, Qilin, Cl0p and RansomHub gangs. The average Cyber...

HACKS OF TODAY 27-28-29/04/2024

Today's HOT includes 30 ransomware victims by the notorious Apos, Play, LockBit 3.0, RansomHub, INC Ransom, Black Suit, Eraleig, Qiulong, Hunters International, 8Base, BlackBasta and Space Bears...

Tags CYBER SECURITY, CYBERCRIME, DARKWEB, HACKING, HOTD, MALWARE, RANSOMWARE

2023 HOT News-EN

HACKS OF THE DAY 22/03/2023

Post author By Stefano Favarato
Post date 22/03/2023

Hacks Of The Day news'cover

news

HACKS OF THE DAY 22/03/2023

Today’s HOTD includes 19 ransomware victims of the notorious LockBit 3.0, BlackBasta, RansomHouse, BlackBat/ALPHV, Medusa, Royal and RansomHouse gangs.

The average Cyber Risk Factor of the day is 3.3.

Read below the full list.

Disclaimer:

ATLAS SECURITY

Victim website:	atlas24.co.za
Victim country:	South Africa
Attacker name:	Medusa
Attacker class:	Cybercrime
Attack technique:	Ransomware
Ransom demand:	$ 300,000
Exfiltrated data amount:	100 GB
Exfiltrated data type:	Miscellaneous, clients, clients’ house maps, security system projects, financial documents etc.
Leaked data:	sample with screenshots of miscellaneous, maps, projects, financial documents
Ransom deadline:	29^th Mar 23
Cyber Risk Factor:	5

DESIGN CATAPULT

Victim website:	designcatapult.com
Victim country:	USA
Attacker name:	RansomHouse
Attacker class:	Cybercrime
Attack technique:	Ransomware
Ransom demand:	N/A
Exfiltrated data amount:	700 GB
Exfiltrated data type:	Confidential data and projects documents
Leaked data:	Downloadable evidence pack
Ransom deadline:	N/A
Cyber Risk Factor:	4

KRESS

Victim website:	kresscarrier.com
Victim country:	USA
Attacker name:	BlackCat/ALPHV
Attacker class:	Cybercrime
Attack technique:	Ransomware
Ransom demand:	N/A
Exfiltrated data amount:	600 GB
Exfiltrated data type:	Drawings, financial information, your employees and partners and other critical data
Leaked data:	Sample with screenshots of the exfiltrated folders
Ransom deadline:	N/A
Cyber Risk Factor:	4

SUPPLYCORE

Victim website:	supplycore.com
Victim country:	USA
Attacker name:	BlackBasta
Attacker class:	Cybercrime
Attack technique:	Ransomware
Ransom demand:	N/A
Exfiltrated data amount:	N/A
Exfiltrated data type:	Miscellaneous, contractors, PII documents etc.
Leaked data:	Sample with screenshots of miscellaneous contractors, PII documents.
Ransom deadline:	N/A
Cyber Risk Factor:	4

YASKAWA MOTOMAN

Victim website:	motoman.com
Victim country:	Japan
Attacker name:	Royal
Attacker class:	Cybercrime
Attack technique:	Ransomware
Ransom demand:	N/A
Exfiltrated data amount:	Large amount of data (at least 200GB)
Exfiltrated data type:	Projects, finance, agreements, employee’s information
Leaked data:	100% of the exfiltrated data
Ransom deadline:	N/A
Cyber Risk Factor:	4

REGIONAL GOVERNMENT IN PORT CLINTON

Victim website:	co.ottawa.oh.us
Victim country:	USA
Attacker name:	LockBit 3.0
Attacker class:	Cybercrime
Attack technique:	Ransomware
Ransom demand:	N/A
Exfiltrated data amount:	100 GB
Exfiltrated data type:	Miscellaneous, contractors, health insurance, credit cards, employees documents etc.
Leaked data:	Sample with screenshots of miscellaneous documents
Ransom deadline:	28^th Mar 23
Cyber Risk Factor:	4

DOUAUD GROUP

Victim website:	transports-douaud.com
Victim country:	France
Attacker name:	LockBit 3.0
Attacker class:	Cybercrime
Attack technique:	Ransomware
Ransom demand:	N/A
Exfiltrated data amount:	216 GB
Exfiltrated data type:	Miscellaneous documents etc.
Leaked data:	Sample with screenshots of miscellaneous documents
Ransom deadline:	11^th Apr 23
Cyber Risk Factor:	4

THE THREE RIVERS LEARNING TRUST

Victim website:	the3rivers.net
Victim country:	United Kingdom
Attacker name:	LockBit 3.0
Attacker class:	Cybercrime
Attack technique:	Ransomware
Ransom demand:	N/A
Exfiltrated data amount:	155 GB
Exfiltrated data type:	Miscellaneous including financial, PII, invoice documents etc.
Leaked data:	Screenshots of miscellaneous, financial and PII, invoice documents.
Ransom deadline:	11^th Apr 23
Cyber Risk Factor:	4

CITY OF OAKLAND

Victim website:	oaklandca.gov
Victim country:	USA
Attacker name:	LockBit 3.0
Attacker class:	Cybercrime
Attack technique:	Ransomware
Ransom demand:	N/A
Exfiltrated data amount:	N/A
Exfiltrated data type:	N/A
Leaked data:	/
Ransom deadline:	10^th Apr 23
Cyber Risk Factor:	3

CITY OF ALLEN PARK

Victim website:	cityofallenpark.org
Victim country:	USA
Attacker name:	LockBit 3.0
Attacker class:	Cybercrime
Attack technique:	Ransomware
Ransom demand:	N/A
Exfiltrated data amount:	N/A
Exfiltrated data type:	N/A
Leaked data:	/
Ransom deadline:	22^nd Mar 23
Cyber Risk Factor:	3

KARNATAKA STATE REMOTE SENSING APPLICATIONS CENTRE

Victim website:	ksrsac.karnataka.gov.in
Victim country:	India
Attacker name:	LockBit 3.0
Attacker class:	Cybercrime
Attack technique:	Ransomware
Ransom demand:	N/A
Exfiltrated data amount:	N/A
Exfiltrated data type:	Miscellaneous, project documents
Leaked data:	Sample with screenshots of miscellaneous and project documents
Ransom deadline:	11^th Apr 23
Cyber Risk Factor:	3

ROSLEV AUTO

Victim website:	roslevauto.dk
Victim country:	Denmark
Attacker name:	LockBit 3.0
Attacker class:	Cybercrime
Attack technique:	Ransomware
Ransom demand:	N/A
Exfiltrated data amount:	N/A
Exfiltrated data type:	Miscellaneous including invoice documents
Leaked data:	Sample with screenshots of client invoices
Ransom deadline:	11^th Apr 23
Cyber Risk Factor:	3

G. PROULX

Victim website:	gproulxinc.com
Victim country:	Canada
Attacker name:	LockBit 3.0
Attacker class:	Cybercrime
Attack technique:	Ransomware
Ransom demand:	N/A
Exfiltrated data amount:	N/A
Exfiltrated data type:	Miscellaneous including PII documents etc.
Leaked data:	Sample with screenshots of miscellaneous and PII documents
Ransom deadline:	29^th Mar 23
Cyber Risk Factor:	3

ZEUS ENERGY

Victim website:	linkedin.com/company/zeus-energy
Victim country:	Peru
Attacker name:	LockBit 3.0
Attacker class:	Cybercrime
Attack technique:	Ransomware
Ransom demand:	N/A
Exfiltrated data amount:	N/A
Exfiltrated data type:	Miscellaneous including financial, customer documents etc
Leaked data:	Sample with screenshots of miscellaneous, customers, invoice documents
Ransom deadline:	N/A
Cyber Risk Factor:	3

JENKONGKLAI

Victim website:	jenparking.com
Victim country:	Thailand
Attacker name:	LockBit 3.0
Attacker class:	Cybercrime
Attack technique:	Ransomware
Ransom demand:	N/A
Exfiltrated data amount:	N/A
Exfiltrated data type:	Miscellaneous including financial, PII documents etc.
Leaked data:	Sample with screenshots of miscellaneous, PII documents
Ransom deadline:	11^th Apr 23
Cyber Risk Factor:	3

BMI

Victim website:	bakermech.com
Victim country:	USA
Attacker name:	LockBit 3.0
Attacker class:	Cybercrime
Attack technique:	Ransomware
Ransom demand:	N/A
Exfiltrated data amount:	N/A
Exfiltrated data type:	Miscellaneous including financial, contractor documents etc.
Leaked data:	Sample with screenshots of miscellaneous, financial and contractors documents
Ransom deadline:	11^th Apr 23
Cyber Risk Factor:	3

STOLT-NIELSEN

Victim website:	stolt-nielsen.com
Victim country:	United Kingdom
Attacker name:	LockBit 3.0
Attacker class:	Cybercrime
Attack technique:	Ransomware
Ransom demand:	N/A
Exfiltrated data amount:	N/A
Exfiltrated data type:	Miscellaneous documents
Leaked data:	Sample with screenshots of a PII document
Ransom deadline:	05^th Apr 23
Cyber Risk Factor:	2

MANGIA

Victim website:	mangiainc.com
Victim country:	Italy
Attacker name:	LockBit 3.0
Attacker class:	Cybercrime
Attack technique:	Ransomware
Ransom demand:	N/A
Exfiltrated data amount:	N/A
Exfiltrated data type:	N/A
Leaked data:	/
Ransom deadline:	10^th Apr 23
Cyber Risk Factor:	2

CABINET PAILLET

Victim website:	cabinet-paillet.fr
Victim country:	France
Attacker name:	LockBit 3.0
Attacker class:	Cybercrime
Attack technique:	Ransomware
Ransom demand:	N/A
Exfiltrated data amount:	N/A
Exfiltrated data type:	Miscellaneous
Leaked data:	Sample with screenshots of PII documents
Ransom deadline:	24^th Mar 23
Cyber Risk Factor:	2

Stay safe!

Hackmanac Team

Latest news

HACKS OF TODAY 02/05/2024

Today's HOT includes 22 victims by the notorious BianLian, Ra World, RansomHub, INC Ransom, Ransomware Blog, Rhysida, Akira and Underground Team gangs. The average Cyber...

HACKS OF TODAY 30/04/2024 – 01/05/2024

Today's HOT includes 29 victims by the notorious LockBit 3.0, BlackBasta, Embargo, Medusa, Akira, Play, Snatch, Everest, Qilin, Cl0p and RansomHub gangs. The average Cyber...

HACKS OF TODAY 27-28-29/04/2024

Today's HOT includes 30 ransomware victims by the notorious Apos, Play, LockBit 3.0, RansomHub, INC Ransom, Black Suit, Eraleig, Qiulong, Hunters International, 8Base, BlackBasta and Space Bears...

Tags CYBER SECURITY, CYBERCRIME, DARKWEB, HACKING, HOTD, MALWARE, RANSOMWARE

2023 HOT News-EN

HACKS OF THE DAY 21/03/2023

Post author By Stefano Favarato
Post date 21/03/2023

Hacks Of The Day news'cover

news

HACKS OF THE DAY 21/03/2023

Today’s HOTD includes 16 victims:

15 ransomware of the notorious Karakurt, BlackByte, RansomHouse, AvosLocker, Cl0p, Rancoz and Abyss gangs and 1 data leak from RansomEXX gang.

The average Cyber Risk Factor of the day is 3.7.

Read below the full list.

Disclaimer:

KELLY GROUP

Victim website:	kelly.co.uk
Victim country:	United Kingdom
Attacker name:	BlackByte
Attacker class:	Cybercrime
Attack technique:	Ransomware
Ransom demand:	$ 800,000
Exfiltrated data amount:	N/A
Exfiltrated data type:	Miscellaneous, financial and client documents
Leaked data:	Sample with screenshots of miscellaneous documents and a 1,63 GB downloadable proof pack
Ransom deadline:	N/A
Cyber Risk Factor:	5

ALYASRA FOODS

Victim website:	alyasrafoods.com
Victim country:	Kuwait
Attacker name:	LockBit 3.0
Attacker class:	Cybercrime
Attack technique:	Ransomware
Ransom demand:	$ 499,999
Exfiltrated data amount:	Large amount of data
Exfiltrated data type:	All financial statements, all mail correspondence all sales and distribution information.
Leaked data:	Sample with screenshots of miscellaneous and financial documents
Ransom deadline:	31^st Mar 23
Cyber Risk Factor:	5

NATIONAL BOARD OF OSTEOPATHIC MEDICAL EXAMINERS

Victim website:	nbome.org
Victim country:	USA
Attacker name:	Karakurt
Attacker class:	Cybercrime
Attack technique:	Ransomware
Ransom demand:	N/A
Exfiltrated data amount:	326 GB
Exfiltrated data type:	N/A
Leaked data:	/
Ransom deadline:	N/A
Cyber Risk Factor:	4

INDONESIA POWER

Victim website:	indonesiapower.co.id
Victim country:	Indonesia
Attacker name:	RansomHouse
Attacker class:	Cybercrime
Attack technique:	Ransomware
Ransom demand:	N/A
Exfiltrated data amount:	600 GB
Exfiltrated data type:	N/A
Leaked data:	Evidence packs
Ransom deadline:	N/A
Cyber Risk Factor:	4

RATERMANN

Victim website:	hosemanufacturing.com
Victim country:	USA
Attacker name:	Abyss
Attacker class:	Cybercrime
Attack technique:	Ransomware
Ransom demand:	N/A
Exfiltrated data amount:	113 GB
Exfiltrated data type:	Miscellaneous, financial documents etc.
Leaked data:	100% of the exfiltrated data
Ransom deadline:	N/A
Cyber Risk Factor:	4

IGADI

Victim website:	igadiltd.com
Victim country:	USA
Attacker name:	Abyss
Attacker class:	Cybercrime
Attack technique:	Ransomware
Ransom demand:	N/A
Exfiltrated data amount:	84 GB
Exfiltrated data type:	Miscellaneous, financial documents etc.
Leaked data:	100% of the exfiltrated data
Ransom deadline:	N/A
Cyber Risk Factor:	4

JONES HAMILTON

Victim website:	jones-hamilton.com
Victim country:	USA
Attacker name:	Abyss
Attacker class:	Cybercrime
Attack technique:	Ransomware
Ransom demand:	N/A
Exfiltrated data amount:	230 GB
Exfiltrated data type:	Miscellaneous, financial documents etc.
Leaked data:	100% of the exfiltrated data
Ransom deadline:	N/A
Cyber Risk Factor:	4

STONE HILL CONTRACTING

Victim website:	stonehillcontracting.com
Victim country:	USA
Attacker name:	Abyss
Attacker class:	Cybercrime
Attack technique:	Ransomware
Ransom demand:	N/A
Exfiltrated data amount:	176
Exfiltrated data type:	Miscellaneous, financial documents etc.
Leaked data:	100% of the exfiltrated data
Ransom deadline:	N/A
Cyber Risk Factor:	4

THE SIEBOLD COMPANY

Victim website:	siebold.com
Victim country:	USA
Attacker name:	Abyss
Attacker class:	Cybercrime
Attack technique:	Ransomware
Ransom demand:	N/A
Exfiltrated data amount:	700 GB
Exfiltrated data type:	Miscellaneous, financial documents etc.
Leaked data:	100% of the exfiltrated data
Ransom deadline:	N/A
Cyber Risk Factor:	4

RIC ELECTRONICS

Victim website:	ricelectronics.com
Victim country:	Canada
Attacker name:	Rancoz
Attacker class:	Cybercrime
Attack technique:	Ransomware
Ransom demand:	N/A
Exfiltrated data amount:	155 GB
Exfiltrated data type:	Miscellaneous documents
Leaked data:	100% of the exfiltrated data
Ransom deadline:	N/A
Cyber Risk Factor:	4

FERRARI

Victim website:	ferrari.com
Victim country:	Italy
Attacker name:	RansomEXX
Attacker class:	Cybercrime
Attack technique:	Data leak due to ransomware
Ransom demand:	N/A
Exfiltrated data amount:	6,99 GB
Exfiltrated data type:	internal documents, datasheets, repair manuals, etc.
Leaked data:	100% of the exfiltrated data
Ransom deadline:	N/A
Cyber Risk Factor:	3

eMOTORS

Victim website:	emotorsdirect.ca
Victim country:	Canada
Attacker name:	LockBit 3.0
Attacker class:	Cybercrime
Attack technique:	Ransomware
Ransom demand:	N/A
Exfiltrated data amount:	N/A
Exfiltrated data type:	Miscellaneous, financial documents etc.
Leaked data:	Sample with miscellaneous, financial documents
Ransom deadline:	25^th Mar 23
Cyber Risk Factor:	3

DESMAN DESIGN MANAGEMENT

Victim website:	desman.com
Victim country:	USA
Attacker name:	AvosLocker
Attacker class:	Cybercrime
Attack technique:	Ransomware
Ransom demand:	N/A
Exfiltrated data amount:	Several data
Exfiltrated data type:	Miscellaneous, accounting, marketing, office, restoration, studies documents
Leaked data:	Downloadable proof pack
Ransom deadline:	N/A
Cyber Risk Factor:	3

ACES ELECTRONIC

Victim website:	acesconn.com
Victim country:	Taiwan
Attacker name:	AvosLocker
Attacker class:	Cybercrime
Attack technique:	Ransomware
Ransom demand:	N/A
Exfiltrated data amount:	N/A
Exfiltrated data type:	All data base CRM from server T1CRMDB T1CRM02, data base BPM DB server from T1BPMDB, data base from T1BI001, many documents + project from file server T1FS002 and T1FS003 and etc., a lot of files. +files from admins PCs.
Leaked data:	Downloadable file tree proof
Ransom deadline:	N/A
Cyber Risk Factor:	3

TELEPIZZA

Victim website:	telepizza.com
Victim country:	Spain
Attacker name:	LockBit 3.0
Attacker class:	Cybercrime
Attack technique:	Ransomware
Ransom demand:	N/A
Exfiltrated data amount:	N/A
Exfiltrated data type:	N/A
Leaked data:	/
Ransom deadline:	09^th Apr 23
Cyber Risk Factor:	2

SAKS FIFTH AVENUE

Victim website:	saksfifthavenue.com
Victim country:	USA
Attacker name:	Cl0p
Attacker class:	Cybercrime
Attack technique:	Ransomware
Ransom demand:	N/A
Exfiltrated data amount:	N/A
Exfiltrated data type:	N/A
Leaked data:	/
Ransom deadline:	N/A
Cyber Risk Factor:	2

Stay safe!

Hackmanac Team

Latest news

Tags CYBER SECURITY, CYBERCRIME, DARKWEB, DATA BREACH, DATA LEAK, HACKING, HOTD, MALWARE, RANSOMWARE